Communication

[Scale]

What is the best option to send to strings from 1 program to the other?

At first i was simply reading the memory but on restart the address changes.

Thanks allot!

[metr0]

Remote threads and dll injections are good for that purpose, I'd say. The code in the remote thread could store the string inside a buffer of the original program, but that depends on whether you got control over the original app or not.

[Scale]

Remote threads and dll injections are good for that purpose, I'd say. The code in the remote thread could store the string inside a buffer of the original program, but that depends on whether you got control over the original app or not.

So if i understand correctly your idea would be to hook the function and write the strings to an address which is always the same?

I was thinking dll injection + detouring as well but the only example of that i have seen was c++ and i only know c# and ASM.

Lets google if theres any c# detouring classes,

Thanks for the tip!

[metr0]

Yep. Another way would be doing all this stuff remote - allocate some buffer (VirtualAllocEx), write some stirngs there (WriteProcessMemory) and do whatever you'd like to (like chaning some particular string reference to a reference to your new allocated buffer, using VirtualProtectEx and WriteProcessMemory).

Think of some ways and find the one that suits best for your current situation.

Good luck.

[cektop]

This is a good examples of how crackers think There are standardized ways of inter-process communication, which is in my opinion preferable to writing to other process memory which always leaves risks. For examples pipes, .net remoting, tcp or semaphores. Coding with low level procedures will give you nice insight of how processes work under the hood, but reading on IPC is better for developing.

http://en.wikipedia.org/wiki/Inter-process_communication

[Scale]

Ok lets add 2 questions,

Im injecting a libary which hooks a function, now for this injection i alloc some memory for the link to the libary to be loaded,

So if i use VirtualAllocEx(hprocess, (IntPtr)0x00200000, (uint)dllpath.Length + 1, 0x1000, 4);

It would create space at 00200000 which i can perfectly use then later read the data out off.

So question one would be is 00200000 a wise location?

And my second question is without a doubt a noob question,

In my detoured function i want to move a string to 00200000 pointer to the string is currently in ESI how would i do it?

I think i gotta loop and write each byte but i just cant get it in code an example would greatly be apriciated.

EDIT:

I fixed it like this:

char * sts;

__asm

{

mov sts, ESI

}

size_t b = strlen(sts);

__asm

{

push b

push ESI

push 0x200200

CALL memccpy

}

The call to memcpy is total bollox, but dll has its own memcpy so i could manually correct the call,

Yes i know jack about c++ But it works ^^

Edited December 10, 2007 by Scale

[metr0]

Great to hear it works, but just one little addition. I will quote the MSDN (for the function VirtualAllocEx).

If lpAddress is NULL, the function determines where to allocate the region.

So you will get a good pointer returned in eax and do'nt have to care about 00200000 being a wise location or not.

Edited December 15, 2007 by metr0